Noticed that we all have different styles of writing scripts :-). This PR adds linting to our shell scripts to standardize on formatting, catch common issues and/or possible security bugs. For editor setup: - Ensure [`shellcheck`](https://github.com/koalaman/shellcheck) and [`shfmt`](https://github.com/mvdan/sh) are in your `PATH` - Configure `shfmt` with indentation of `4`, otherwise it uses tabs by default. [Here](https://github.com/jamilbk/nvim/blob/master/init.vim#L159) is how you can do that with Vim and [here](https://marketplace.visualstudio.com/items?itemName=mkhl.shfmt) is how for VScode. --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com> Co-authored-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Brian Manifold <bmanifold@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrew Dryga <andrew@dryga.com> Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
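#!/usr/bin/env bash
#
# Upgrade every running Firezone gateway container on this host to the newest
# build of TARGET_IMAGE, re-creating each container under its previous name
# and with its previous environment.
#
# Requires: a working `docker` CLI and permission to manage containers.
# Exit status: 1 when no gateway container is running or a replacement
# container cannot be started; non-zero when any other docker command fails
# (strict mode).

set -euo pipefail

TARGET_IMAGE="ghcr.io/firezone/gateway:1"

# Select containers whose image reference contains TARGET_IMAGE. awk performs
# a literal substring test on the image column (grep would treat the dots as
# regex wildcards) and exits 0 when nothing matches, so under `pipefail` an
# empty result reaches the check below instead of aborting without a message.
CURRENTLY_RUNNING=$(docker ps --format "{{.Names}} {{.Image}}" |
    awk -v img="$TARGET_IMAGE" 'index($2, img) { print $1 }')
if [[ -z "$CURRENTLY_RUNNING" ]]; then
    echo "No Firezone gateway found running on this system. Exiting."
    exit 1
fi

# The saved container environment can include credentials, so it is written
# to a private mktemp file (created with owner-only permissions) rather than a
# predictable name in the current directory, and removed on every exit path.
ENV_FILE=$(mktemp)
trap 'rm -f -- "$ENV_FILE"' EXIT

echo "Pulling latest image..."
docker pull "$TARGET_IMAGE" >/dev/null

# Image ID of the freshly pulled image; it is the same for every container,
# so look it up once instead of once per loop iteration.
LATEST=$(docker inspect --format "{{.Id}}" "$TARGET_IMAGE")

echo "Checking for containers to upgrade..."
# Word-splitting is intentional: docker ps emits one container name per line.
for RUNNING_CONTAINER in $CURRENTLY_RUNNING; do
    RUNNING=$(docker inspect --format "{{.Image}}" "$RUNNING_CONTAINER")
    RUNNING_NAME=$(docker inspect --format "{{.Name}}" "$RUNNING_CONTAINER")
    # docker reports the name with a leading slash; strip every slash.
    RUNNING_NAME=${RUNNING_NAME//\//}

    # Upgrade if necessary
    if [[ "$RUNNING" != "$LATEST" ]]; then
        echo -n "Upgrading gateway..."

        # Carry the old environment over, minus the image's own PATH. The
        # match is anchored so that variables which merely contain "PATH" in
        # their name or value are kept, and awk (unlike grep -v) does not
        # fail when every line is filtered out.
        docker container inspect "$RUNNING_CONTAINER" --format '{{join .Config.Env "\n"}}' |
            awk '!/^PATH=/' >"$ENV_FILE"

        docker stop "$RUNNING_CONTAINER" >/dev/null
        docker rm -f "$RUNNING_CONTAINER" >/dev/null

        # The old container is already gone at this point. If the replacement
        # cannot be started, keep the saved environment so the operator can
        # re-create the gateway by hand instead of losing its configuration.
        if ! docker run -d \
            --restart=unless-stopped \
            --pull=always \
            --health-cmd="ip link | grep tun-firezone" \
            --name="$RUNNING_NAME" \
            --cap-add=NET_ADMIN \
            --volume /var/lib/firezone \
            --env-file "$ENV_FILE" \
            --sysctl net.ipv4.ip_forward=1 \
            --sysctl net.ipv4.conf.all.src_valid_mark=1 \
            --sysctl net.ipv6.conf.all.disable_ipv6=0 \
            --sysctl net.ipv6.conf.all.forwarding=1 \
            --sysctl net.ipv6.conf.default.forwarding=1 \
            --device="/dev/net/tun:/dev/net/tun" \
            "$TARGET_IMAGE"; then
            trap - EXIT
            echo "Failed to start replacement container '$RUNNING_NAME'." >&2
            echo "Its environment was kept in $ENV_FILE (owner-only); delete it after recovery." >&2
            exit 1
        fi

        # Drop the saved environment as soon as it is no longer needed.
        : >"$ENV_FILE"
        echo "Container upgraded"
    else
        echo "Gateway is already up to date"
    fi
done

echo "Done!"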